[smokeping-users] Slave-Master security
G.W. Haywood
ged at jubileegroup.co.uk
Wed Mar 20 11:51:00 CET 2013
Hi there,
On Tue, 19 Mar 2013, Gregory Sloop wrote:
> So, I suppose this is essentially off-topic, but I'm wondering about
> hardening the communications between a master and a slave.
Not off-topic at all.
> In my case, I'm thinking of having slaves that communicate over an
> un-secure net [say the internet] back to the master.
> ...
> I've considered building VPN's or SSH tunnels between the slave(s) and
> masters - but does anyone have any tried-and-true methods that are
> perhaps less cumbersome - that I haven't considered?
Those are the best methods available. They aren't particularly
cumbersome, and once you get used to them they're fairly trivial.
I even use VPNs to run Smokeping over private wireless links, so
if somebody does crack the wireless encryption all they've found
is the encrypted VPN behind it.
You can use the security features of Apache (for example denying
access to the Smokeping CGI to all but a small range of IPs) but
it's never going to be as secure as the encrypted methods you've
already identified.
--
73,
Ged.
More information about the smokeping-users
mailing list